Re: [Exim] RE: Exim 4 LDAP SMTP Authentication

Top Page
Delete this message
Reply to this message
Author: Tony Earnshaw
Date:  
To: Stefan Kaltenbrunner
CC: exim-users
Subject: Re: [Exim] RE: Exim 4 LDAP SMTP Authentication
fre, 2003-02-14 kl. 12:48 skrev Stefan Kaltenbrunner:

> > begin authenticators
> >
> > fixed_plain:
> >   driver              = plaintext
> >   public_name         = PLAIN
> >   server_condition    = ${if ldapauth \
> >     {user="cn=${quote_ldap:$2},ou=people,ou=groups,dc=example,dc=com" \
> >     pass="$3" \

>
> you might want to check if pass="$3" works for "strange" passwords too (like
> "abcde" (including the ") or abc=dc) - it didn't in our internal tests.
> I have been discussing this problem in more detail with ph10@ already and he
> agreed to some respect that pass=${quote:$3} is "more" correct in this case
> although I'm still a not really convinced . . .


As far as I'm concerned, with Exim 4.10/4.12 $3 (without the quotes)
doesn't work. However, as with *everything* else above, it's a matter of
trial and error. It took me a day to figure out the ins and outs, with
copious help from the 14,000 odd Exim list postings on my harddisk since
Exim 4 arrived. Plus much RTFMing and trying out.

Funny, I hardly ever need to ask for help from the list, it's all been
done by someone before. There was a posting from a Sendmail admin on the
SA list who had 3,000+ spammer "dictionary" attacks *per day* on his
smtp server and wondered whether to set up an IPTABLES block, etc. I did
a hard disk search and came up with Guilano's teergrubing solution /
posting for Exim 4 within 5 minutes. And it works beautifully, even
combined with other things within the same ACL. Effing brilliant.

Best,

Tony

--

Tony Earnshaw

When you rob a person of his illusions,
you are robbing him of his happiness


e-post:        tonni@???
www:        http://www.billy.demon.nl